Thursday Interview: CCP Stillman & Team Security

Once upon a time….

So starts all fairy tales – and thinking about how long this interview has taken to finalize – this phrase would come very close. When he handed over the approved questions, CCP Manifest said with a sigh of relief in his voice:

“… for some reason this interview has become my Moby Dick, the white whale that took my leg and continued to elude me for a variety of reasons.”

It all started back in February when CCP Sreegs got involved with a case of botting from a prominent “Unista” (person within EVE University). Quickly the thread developed and for this reason I thought it would be a good idea to help shed some light on how companies resolve security matters but also just to get an update from the department – so in March we sent some questions to CCP to help resolve this. Unfortunately due to internal restructuring, the sensitivity of the interview and a Fanfest plopping down in the middle of everything, stuff got delayed.

Now with the padding of backs done. I fully expect a favour, Ned – and I will claim that within the next 6 months! 😉

So we received the approved questions from TeamSecurity! Please read on for a unique insight into CCP security measures and how a small team makes a big difference.

 

Vince: Thank you for wanting to participate in this interview with EVE Stratics. Without disclosing personal details, can you please share with us who you are and what kind of responsibilities you have in the organisation?

 

Hi! I’m CCP Stillman, member of Team Security. My responsibilities at CCP are quite wide-ranging, but include the general security of EVE Online as a game, our infrastructure, and fighting against botting and RMT.

CCP_Stillman

Vince: Can you give us a ballpark figure of how big your team actually is and how many cases they resolve on a weekly basis? (perhaps a graph?)

 

CCP Stillman: Right now we’re 4 people: CCP Peligro, Lead GM Grimmi, CCP Doppel and myself. Our case load is extremely variable depending on ongoing cases we are working and how well we are doing in the fight against the bad people. Therefore it’s hard to give a meaningful “weekly number”, but we try to keep up as best as we can.

 

TeamSecurity

Vince: The team does not normally get a lot of attention or perhaps enough credit, but it seems that your team is actually quite valuable in terms of server stability and other things such as the banning of botters – but how many pies do you actually have your fingers in?

 

CCP Stillman: We have our fingers in a lot of pies at any given time. We always try to stay on top of what is currently in development and proactively engage teams in ensuring that not only new features are as good as they can be in terms of overall security, but also work on improving general security of older parts of EVE. We’re split between customer relations (CCP Peligro, Lead GM Grimmi, CCP Doppel) and engineering (Me), which gives us a very broad view across everything that is going on at any given time and allows us to tackle problems from multiple angles.

 

Vince: How do you perceive the public perception of your team? Is it very flawed? Do the playes tend to have many misconceptions about what you actually do or what kind of restrictions you are dealing with on a daily level?

 

CCP Stillman: I think generally the public perception is really quite limited. In my ideal world, we would do our job so well that issues would be invisible and no player should even have to think of our team. Unfortunately, the problems that we face are the same that the whole industry faces. It’s not a set of issues that can ever realistically be completely solved. But I think the biggest perception flaw is that we just ban botters all day, while reality is that we also work on higher-level tasks and more engineering focused tasks. And of course, there’s also misconceptions about how we go about what we do. But that is expected, given that we do benefit from maintaining obscurity in regards to how we work!

 

Vince: As previous question would perhaps indicate, there seems to be some knowledge when it comes to personal disclosure that is cause for your policy (about a blanket non-disclosure of personal information) that the players are perhaps not fully aware of in terms of consequenses. Can you share with us how legal local/global laws regarding personal information is affecting your working routines and how you would be affected should you chose to break them?

 

CCP Stillman: CCP operates in an international environment, meaning that we are subject to a wide range of privacy laws in each country that we have to follow. There’s a lot of technical implications this has in regards to how we secure data. The most important thing, which is not just because of regulations or laws, is that we can only share personal data with law enforcement. We do have a great relationship with local and international law enforcement, so when we do need to work with them, it goes smoothly.

 

Vince: In most larger organisations that are involved in servicing people, there will be different levels of management and routes for escalations. At some point though, escalations becomes redundant or ineffecient because of lack of knowledge/understanding about the processes and individual cases. In a recent forum debacle, there seemed to be confusion about the escalation process for your department. Can you provide a brief overview of the level of knowledge about your processes that the rest of the organisation has and at which point further escalation becomes ineffective and redundant due to lack of understanding?

 

CCP Stillman: This is a hard problem, because “everybody in jail is innocent” and what we do is highly technical. We’re of course extremely sensitive to false positives, but we rely on a lot of different sources of data when we decide to ban somebody. In cases where things get escalated, we present our findings to the person the case has been escalated to and explain the reason for the ban. Lead GM Grimmi recently joined the team during a re-organization, and he is responsible for policy and oversight. So we now have an extra resource in the team to deal with these situations. However I will stress that cases are extremely rare where there’s any doubt on the matter

 

Vince: When looking back at 2012 for CCP, it seems that there was a significant amount of botting going on. The developer blog from april 2012 seemed to indicate that less than 1% got banned for engaging in RMT activities, but this is still for just a small timeframe. How did 2012 end up in numbers for your department?

 

CCP Stillman: Between the dev blog in April 2012 and this year’s Fanfest around a year after we banned 13,000 user accounts in total in a mix of permanent and temporary bans. We’re always extremely busy!

 

Vince: How does the amount of ISK taken out of the economy affect CCP or the playerbase? Would the players be able to see some of those funds be returned to the players in terms of development resources or projects for causes such as the charity drives “PLEX For Good”?

 

CCP Stillman: The amount of ISK “taken out” should rather be considered ISK that should absolutely never have been there in the first place. As such, we consider it to be removed from the economy for all intents and purposes. We have no plans to change that at this time.

 

Vince: The RMT Industry and fraudulent credit card abuse for gamers seem to make up a significant amount on a global basis. Numbers being thrown around seems to indicate that its a billion dollar industry. How well protected do you believe that the players in New Eden are from this abuse, due to the effort made by your department?

 

CCP Stillman: Team Security and CCP try our best to ensure the safety of our players. Right now I’m personally working with different teams here to upgrade our efforts significantly in order to ensure that players can enjoy our games without having to be concerned about outside actors. It’s still too early to discuss specifics, but we’re hoping to approach this issue from a number of angles to provide the best level of safety for everybody.

fanfestcharity_940

Vince: Have you noticed any trends in regards to RMT behavior that could help players identify botters or RMT’ers? If you can not disclose any useful information because you are afraid that the very people we try to catch will use this information to avoid detection, can you disclose anything that may help the playerbase identify this kind of behavior?

 

CCP Stillman: The most obvious thing to look for is players that seem to be online 24/7, playing in very repetitive and predictable patterns.

 

Vince: Do you believe that the players have a viable way of dealing with RMT’ers/botters with the current tools and reporting mechanics provided by CCP? Or would you like to have more tools given to the playerbase to help in your effort in this regard?

 

CCP Stillman: It’s my opinion that players should never have to think of these sorts of things as it ruins immersion. We’d rather solve this by simply improving our overall effectiveness. We’re in a better position to attack these issues than players in general, so while player help is appreciated, and we do get good information from players through support tickets, the biggest impact will probably always come from our side because of the vast data access disparity between what we can look at and what they have visibility on. But we still investigate any player submitted information that we get through support tickets!

 

Thanks to all teams and individuals involved in this interview and making it all happen!

Leave a Reply

Your email address will not be published. Required fields are marked *